yume/act
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Move actions path outside of workdir (#701)

Browse source 
* feat: add option to specify user for exec

* fix: move actions to static path outside workdir

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
This commit is contained in:
Ryan (hackercat) 2021-05-24 17:09:03 +00:00 committed by GitHub
parent 490039975f
commit d794e2fe4c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 19 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
pkg/container/docker_run.go
View file

@ -68,7 +68,7 @@ type Container interface {
CopyDir(destPath string, srcPath string, useGitIgnore bool) common.Executor CopyDir(destPath string, srcPath string, useGitIgnore bool) common.Executor
Pull(forcePull bool) common.Executor Pull(forcePull bool) common.Executor
Start(attach bool) common.Executor Start(attach bool) common.Executor
Exec(command []string, env map[string]string) common.Executor Exec(command []string, env map[string]string, user string) common.Executor
UpdateFromEnv(srcPath string, env *map[string]string) common.Executor UpdateFromEnv(srcPath string, env *map[string]string) common.Executor
UpdateFromPath(env *map[string]string) common.Executor UpdateFromPath(env *map[string]string) common.Executor
Remove() common.Executor Remove() common.Executor
@ -145,9 +145,7 @@ func (cr *containerReference) Copy(destPath string, files ...*FileEntry) common.
func (cr *containerReference) CopyDir(destPath string, srcPath string, useGitIgnore bool) common.Executor { func (cr *containerReference) CopyDir(destPath string, srcPath string, useGitIgnore bool) common.Executor {
return common.NewPipelineExecutor( return common.NewPipelineExecutor(
common.NewInfoExecutor("%sdocker cp src=%s dst=%s", logPrefix, srcPath, destPath), common.NewInfoExecutor("%sdocker cp src=%s dst=%s", logPrefix, srcPath, destPath),
cr.connect(), cr.Exec([]string{"mkdir", "-p", destPath}, nil, ""),
cr.find(),
cr.exec([]string{"mkdir", "-p", destPath}, nil),
cr.copyDir(destPath, srcPath, useGitIgnore), cr.copyDir(destPath, srcPath, useGitIgnore),
).IfNot(common.Dryrun) ).IfNot(common.Dryrun)
} }
@ -160,11 +158,12 @@ func (cr *containerReference) UpdateFromPath(env *map[string]string) common.Exec
return cr.extractPath(env).IfNot(common.Dryrun) return cr.extractPath(env).IfNot(common.Dryrun)
} }
func (cr *containerReference) Exec(command []string, env map[string]string) common.Executor { func (cr *containerReference) Exec(command []string, env map[string]string, user string) common.Executor {
return common.NewPipelineExecutor( return common.NewPipelineExecutor(
common.NewInfoExecutor("%sdocker exec cmd=[%s] user=%s", logPrefix, strings.Join(command, " "), user),
cr.connect(), cr.connect(),
cr.find(), cr.find(),
cr.exec(command, env), cr.exec(command, env, user),
).IfNot(common.Dryrun) ).IfNot(common.Dryrun)
} }
@ -407,7 +406,7 @@ func (cr *containerReference) extractPath(env *map[string]string) common.Executo
} }
} }
func (cr *containerReference) exec(cmd []string, env map[string]string) common.Executor { func (cr *containerReference) exec(cmd []string, env map[string]string, user string) common.Executor {
return func(ctx context.Context) error { return func(ctx context.Context) error {
logger := common.Logger(ctx) logger := common.Logger(ctx)
// Fix slashes when running on Windows // Fix slashes when running on Windows
@ -427,6 +426,7 @@ func (cr *containerReference) exec(cmd []string, env map[string]string) common.E
} }
idResp, err := cr.cli.ContainerExecCreate(ctx, cr.id, types.ExecConfig{ idResp, err := cr.cli.ContainerExecCreate(ctx, cr.id, types.ExecConfig{
User: user,
Cmd: cmd, Cmd: cmd,
WorkingDir: cr.input.WorkingDir, WorkingDir: cr.input.WorkingDir,
Env: envList, Env: envList,

14
pkg/runner/run_context.go
View file

@ -19,6 +19,8 @@ import (
"github.com/nektos/act/pkg/model" "github.com/nektos/act/pkg/model"
) )
const ActPath string = "/var/run/act"
// RunContext contains info about current job // RunContext contains info about current job
type RunContext struct { type RunContext struct {
Name string Name string
@ -77,7 +79,6 @@ func (rc *RunContext) GetBindsAndMounts() ([]string, map[string]string) {
mounts := map[string]string{ mounts := map[string]string{
"act-toolcache": "/toolcache", "act-toolcache": "/toolcache",
"act-actions": "/actions",
} }
if rc.Config.BindWorkdir { if rc.Config.BindWorkdir {
@ -150,8 +151,9 @@ func (rc *RunContext) startJobContainer() common.Executor {
rc.JobContainer.Create(), rc.JobContainer.Create(),
rc.JobContainer.Start(false), rc.JobContainer.Start(false),
rc.JobContainer.UpdateFromEnv("/etc/environment", &rc.Env), rc.JobContainer.UpdateFromEnv("/etc/environment", &rc.Env),
rc.JobContainer.Exec([]string{"mkdir", "-m", "0777", "-p", ActPath}, rc.Env, "root"),
rc.JobContainer.CopyDir(copyToPath, rc.Config.Workdir+string(filepath.Separator)+".", rc.Config.UseGitIgnore).IfBool(copyWorkspace), rc.JobContainer.CopyDir(copyToPath, rc.Config.Workdir+string(filepath.Separator)+".", rc.Config.UseGitIgnore).IfBool(copyWorkspace),
rc.JobContainer.Copy("/tmp/", &container.FileEntry{ rc.JobContainer.Copy(ActPath+"/", &container.FileEntry{
Name: "workflow/event.json", Name: "workflow/event.json",
Mode: 0644, Mode: 0644,
Body: rc.EventJSON, Body: rc.EventJSON,
@ -169,7 +171,7 @@ func (rc *RunContext) startJobContainer() common.Executor {
} }
func (rc *RunContext) execJobContainer(cmd []string, env map[string]string) common.Executor { func (rc *RunContext) execJobContainer(cmd []string, env map[string]string) common.Executor {
return func(ctx context.Context) error { return func(ctx context.Context) error {
return rc.JobContainer.Exec(cmd, env)(ctx) return rc.JobContainer.Exec(cmd, env, "")(ctx)
} }
} }
@ -488,7 +490,7 @@ type githubContext struct {
func (rc *RunContext) getGithubContext() *githubContext { func (rc *RunContext) getGithubContext() *githubContext {
ghc := &githubContext{ ghc := &githubContext{
Event: make(map[string]interface{}), Event: make(map[string]interface{}),
EventPath: "/tmp/workflow/event.json", EventPath: ActPath + "/workflow/event.json",
Workflow: rc.Run.Workflow.Name, Workflow: rc.Run.Workflow.Name,
RunID: rc.Config.Env["GITHUB_RUN_ID"], RunID: rc.Config.Env["GITHUB_RUN_ID"],
RunNumber: rc.Config.Env["GITHUB_RUN_NUMBER"], RunNumber: rc.Config.Env["GITHUB_RUN_NUMBER"],
@ -660,8 +662,8 @@ func withDefaultBranch(b string, event map[string]interface{}) map[string]interf
func (rc *RunContext) withGithubEnv(env map[string]string) map[string]string { func (rc *RunContext) withGithubEnv(env map[string]string) map[string]string {
github := rc.getGithubContext() github := rc.getGithubContext()
env["CI"] = "true" env["CI"] = "true"
env["GITHUB_ENV"] = "/tmp/workflow/envs.txt" env["GITHUB_ENV"] = ActPath + "/workflow/envs.txt"
env["GITHUB_PATH"] = "/tmp/workflow/paths.txt" env["GITHUB_PATH"] = ActPath + "/workflow/paths.txt"
env["GITHUB_WORKFLOW"] = github.Workflow env["GITHUB_WORKFLOW"] = github.Workflow
env["GITHUB_RUN_ID"] = github.RunID env["GITHUB_RUN_ID"] = github.RunID
env["GITHUB_RUN_NUMBER"] = github.RunNumber env["GITHUB_RUN_NUMBER"] = github.RunNumber

2
pkg/runner/run_context_test.go
View file

@ -316,6 +316,6 @@ func TestGetGitHubContext(t *testing.T) {
assert.Equal(t, ghc.Repository, "nektos/act") assert.Equal(t, ghc.Repository, "nektos/act")
assert.Equal(t, ghc.RepositoryOwner, "nektos") assert.Equal(t, ghc.RepositoryOwner, "nektos")
assert.Equal(t, ghc.RunnerPerflog, "/dev/null") assert.Equal(t, ghc.RunnerPerflog, "/dev/null")
assert.Equal(t, ghc.EventPath, "/tmp/workflow/event.json") assert.Equal(t, ghc.EventPath, ActPath+"/workflow/event.json")
assert.Equal(t, ghc.Token, rc.Config.Secrets["GITHUB_TOKEN"]) assert.Equal(t, ghc.Token, rc.Config.Secrets["GITHUB_TOKEN"])
} }

6
pkg/runner/step_context.go
View file

@ -383,13 +383,13 @@ func (sc *StepContext) getContainerActionPaths(step *model.Step, actionDir strin
containerActionDir := "." containerActionDir := "."
if !rc.Config.BindWorkdir && step.Type() != model.StepTypeUsesActionRemote { if !rc.Config.BindWorkdir && step.Type() != model.StepTypeUsesActionRemote {
actionName = getOsSafeRelativePath(actionDir, rc.Config.Workdir) actionName = getOsSafeRelativePath(actionDir, rc.Config.Workdir)
containerActionDir = rc.Config.ContainerWorkdir() + "/_actions/" + actionName containerActionDir = ActPath + "/actions/" + actionName
} else if step.Type() == model.StepTypeUsesActionRemote { } else if step.Type() == model.StepTypeUsesActionRemote {
actionName = getOsSafeRelativePath(actionDir, rc.ActionCacheDir()) actionName = getOsSafeRelativePath(actionDir, rc.ActionCacheDir())
containerActionDir = rc.Config.ContainerWorkdir() + "/_actions/" + actionName containerActionDir = ActPath + "/actions/" + actionName
} else if step.Type() == model.StepTypeUsesActionLocal { } else if step.Type() == model.StepTypeUsesActionLocal {
actionName = getOsSafeRelativePath(actionDir, rc.Config.Workdir) actionName = getOsSafeRelativePath(actionDir, rc.Config.Workdir)
containerActionDir = rc.Config.ContainerWorkdir() + "/_actions/" + actionName containerActionDir = ActPath + "/actions/" + actionName
} }
if actionName == "" { if actionName == "" {